Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Permission error unless 444


DavidR

Recommended Posts

I just moved a site from one server to another. The permissions were maintained on the /includes/config.php (644) but I started getting the "I am able to write to the configuration file: ... catalog/includes/configure.php.

This is a potential security risk - please set the right user permissions on this file." error anyway. The only way I could eliminate it was to reduce permissions on that file down to 444. This has never happened to me and my search didn't find anything. The only difference between the two servers that I can determine is the new one is running php 4.3.11 and the old one php 4.3.10. I was going to look at the code that determines the permissions just as a guess. Any ideas?

 

David

Link to comment
Share on other sites

I've seen that before as well -- different from one server to another server. Why? I don't know.

 

Doesn't much matter to me, as long as it works and nobody can mess with your configure.php.

 

-jared

Link to comment
Share on other sites

Link to comment
Share on other sites

  • 2 weeks later...
One reason might be that the host has SUphp installed...

That was it! PHPsuexec is installed, so all scripts run under the user, not "nobody". It's actually cool once you know it - no need to chmod to 777 on anything. I am using 511 as my permissions on configure.php and it works. Thanks.

 

David

Link to comment
Share on other sites

  • 7 months later...

Installed successfully using /scripts/easyapache php phpsuexec.

 

Our store now shows this as an error at the top of the page:

 

Warning: I am able to write to the configuration file: /home/USER/public_html/catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file.

 

This file is at 644 which it should be, not sure why this is happening, any suggestions?

 

Would love to keep the phpsuexec in place to stop nobody from sending spam, but cannot as this is a live store and need to find the fix asap or undo it.

 

Thanks for any help.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...